Currently the Directional host address type is pretty useless,
since it's only useful in application protocols that a) use
KRB-PRIV/KRB-SAFE messages (so: not GSS-API applications), and b)
state in their specs to use Directional, or otherwise provide for
negotiation of host address types. There are no such protocols
that we care about except -since we control it- iprop. But even
for iprop it'd be better to switch to GSS-API.
The read() in readall() to read the SOCKS4a request was sometimes
failing with EAGAIN, which it wasn't prepared for, causing the
request to be rejected and the test to fail.
I wrote this code specifically under the assumption the fd would be
in blocking mode, and in the original draft I wrote with stdin/stdout
under socat that was true. But when I adapted this to do its own
bind/listen/accept logic, I broke it, because POSIX leaves it
unspecified whether accept() inherits the O_NONBLOCK setting or not:
https://pubs.opengroup.org/onlinepubs/9799919799/functions/accept4.html
And the traditional BSD semantics is to inherit O_NONBLOCK.
So, just explicitly clear O_NONBLOCK on the fd returned by accept().
All network traffic to KDC goes through the SOCKS4a proxy if it is
configured.
This is deliberately kept simple -- and is not generalized to SOCKS4
or SOCKS5 or other types of proxies -- so it is easy to audit for
network and DNS leaks. (SOCKS4 works in IP addresses, and so invites
DNS leaks. SOCKS5 can be OK, if used judiciously, but takes more
work to implement.)
This only affects krb5_sendto -- the other initiator of network
traffic in libkrb5, krb5_change_password, will be fixed to respect
socks4a_proxy in a subsequent commit.
XXX Need to figure out where the socks4a.c code should go.
fix https://github.com/heimdal/heimdal/issues/1151
Acording to POSIX <poll.h> should be used instead of <sys/poll.h>.
Libcs like musl libc added a redict due maintain compat with older
glibcs and added the following warning:
/usr/include/sys/poll.h:1:2: warning: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Wcpp]
1 | #warning redirecting incorrect #include <sys/poll.h> to <poll.h>
| ^~~~~~~
Ref: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/poll.h.html
We must switch to OpenSSL 3.x, and getting lib/hcrypto to provide
OpenSSL 3.x APIs is too large an undertaking. Plus the hcrypto backend
is not safe, not secure (probably has timing leaks galore), and no one
has the resources to make it a world-class crypto library, so it just
has to go.
MIT commit d3b39a8bac6206b5ea78b0bf6a2958c1df0b0dd5 implemented
krb5_cc_remove_cred() for FILE ccaches by setting endtime to zero
and authtime to minus one and then filtering out those credentials
from get_next().
This change sets "authtime = -1" for the removed cred to permit
MIT krb5 to ignore removed credentials from a shared FILE ccache.
MIT commit 4c0838bb4c232866b95c9f2f72a55bf77cfc1308 modified the
cred_removed() check to restore compatibility with Heimdal.
commit a9bd3c6e50 ("Fix racy file ccache
corruption in cred_delete()") implemented krb5_cc_remove_cred() for
"FILE" ccaches by overwriting the removed credential endtime value
with zero (Unix Epoch). However, it did not modify fcc_get_next()
to filter out these deleted entries. As a result, invalid credentials
can be returned from the FILE ccache where endtime < starttime.
RFC4120 requires endtime >= starttime for all tickets.
MIT Kerberos since d3b39a8bac6206b5ea78b0bf6a2958c1df0b0dd5
("Implement krb5_cc_remove_cred for remaining types") modifies a
removed cred by setting
endtime = 0
authtime = -1
and then filters out removed creds from the fcc_next_cred() results.
In 2013 Heimdal broke interop with MIT processes that share the
FILE ccache by implementing remove by setting "endtime = 0" and
now MIT has broken interop with the Heimdal implementation of
fcc_remove_cred() by checking for both "endtime = 0" and "authtime = -1".
This change filters results from fcc_get_next() when the "endtime == 0"
which is acceptable because a KDC is not permitted to return a
ticket with an endtime == 0.
If crypt() is unavailable then DES_AFS3_string_to_key() cannot be
implemented for passwords up to 8 characters in length. Do not
advertise support for "afs3-salt" when crypt() is missing.
This ensures we inherit the clock skew adjustment from the AS-REQ/REP into the
memory ccache in a similar way done for the file ccache.
This means krb5_cc_get_kdc_offset() will return the correct value and
_krb5_get_cred_kdc_any() uses the adjusted time in the authenticator of
subsequent TGS-REQ.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15676
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
At least Windows KDCs return KRB5KRB_AP_ERR_SKEW without edata in
response to TGS-REQ.
This ensures the callers see the KRB5KRB_AP_ERR_SKEW error and not
KRB5_KDCREP_MODIFIED "FAST fast response is missing FX-FAST".
For the response to an amored AS-REQ, we'll now return
KRB5KRB_AP_ERR_MODIFIED instead of KRB5_KDCREP_MODIFIED,
but if there's an attack the exact error code doesn't matter.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15676
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
